Ruth Cheesley, profile picture
Uploaded byRuth Cheesley
797 views

Joomla!Day UK 2011 - Virya Technologies - Ruth Cheesley - Joomla! Security

This document discusses Joomla! security best practices. It recommends keeping Joomla! and all extensions updated, enabling search engine friendly URLs, and establishing a regular backup routine. The document also suggests hiding the admin portal, changing the database prefix and default admin ID, and using a web application firewall for additional security. Key tips include keeping software updated, using strong passwords, and not giving out admin rights freely.

Joomla! SecurityRuth Cheesley
Hello, I’m Ruth Cheesleyfrom Virya TechnologiesFind my social media stuff here!@RCheesley
What do we mean by security?
Why bother?
Where to start?
Security is …Putting measures in place to make unauthorised access more difficultNOT making it impossible
… a balancing actSecurity versus usabilityRisk versus implications
A quick look at server securityUse a reputable company with Joomla! experienceEnsure they have recommended security settings appliedAsk others if you’re not sure!
Is Joomla! insecure?It depends!Often insecurities are due to poor practice by administrators including:Patches not being appliedInsecure extensionsBasic precautions not taken
If you do nothing else …Keep Joomla! and extensions up to date
Updating Joomla!ManuallyOne-click (1.6.x +)Akeeba Admin Tools
If you do nothing else …Enable Search Engine Friendly (SEF) URL’s
Enable SEF URL’sEnable in global configurationWith or without .htaccessUsing extensions
If you do nothing else …Establish a regular backup routine
Establish a backup routineOn-site backupsOff-site backupsFull or partialAkeeba backup
Other ‘must do’ security tasksHide your admin portal (jSecure, Admin Tools)Change your database prefix (manually or using Admin Tools)Change your default Super Admin ID (from #62 in 1.5 or #42 in 1.6/7)
Hide admin portalWhy bother?jSecureAkeeba Admin Tools
Change database prefixWhy bother?ManuallyAkeeba Admin Tools
Change default admin IDWhy bother?ManuallyAkeeba Admin Tools
Would be good to do …Web application firewall
Web Application FirewallWhy bother?Akeeba Admin Tools
Top Ten TipsKeep Joomla! up to dateKeep extensions up to dateHide admin portalChange database prefixEnsure correct file and folder permissionsDisable default Super AdministratorEnable SEF URL’sEstablish and regularly test backup routineEnsure strong username/password for adminsDo not give out Admin rights freely
Useful linkshttp://www.viryatechnologies.comhttp://www.akeebabackup.comhttp://www.joomlaserviceprovider.comhttp://tinyurl.com/joomlasecuritychecklisthttp://www.ico.gov.uk/
Thank youAny questions?Ruth CheesleyVirya Technologiesruth.cheesley@viryatechnologies.com@RCheesley

More Related Content

PPT
Joomla Security
byViryaTechnologies
 
PPTX
Safety webinar with mark friend
byERAUWebinars
 
PPTX
Windows updates by Rithyvong neou
byrneou
 
ODP
CMS Security - Ruth Cheesley - CMS Africa 2014
byRuth Cheesley
 
PDF
Joomla User Group Suffolk - July 2012 - Crossing the line first or last - per...
byRuth Cheesley
 
ODP
Microdata, Authorship, Google+ and Joomla! - Ruth Cheesley - Joomla! World Co...
byRuth Cheesley
 
PDF
Joomla User Group Suffolk - July 2012 - Template Optimisation by Ruth Cheesle...
byRuth Cheesley
 
ODP
Joomla!Day Switzerland 2013 - Ruth Cheesley - SEO for Mythbusters
byRuth Cheesley
 
Joomla Security
byViryaTechnologies
 
Safety webinar with mark friend
byERAUWebinars
 
Windows updates by Rithyvong neou
byrneou
 
CMS Security - Ruth Cheesley - CMS Africa 2014
byRuth Cheesley
 
Joomla User Group Suffolk - July 2012 - Crossing the line first or last - per...
byRuth Cheesley
 
Microdata, Authorship, Google+ and Joomla! - Ruth Cheesley - Joomla! World Co...
byRuth Cheesley
 
Joomla User Group Suffolk - July 2012 - Template Optimisation by Ruth Cheesle...
byRuth Cheesley
 
Joomla!Day Switzerland 2013 - Ruth Cheesley - SEO for Mythbusters
byRuth Cheesley
 

Similar to Joomla!Day UK 2011 - Virya Technologies - Ruth Cheesley - Joomla! Security

PPTX
Joomla Security v3.0
byAjay Lulia
 
PPTX
Securing Your Joomla website
byMike Carson
 
PDF
Secrets to a Hack-Proof Joomla Revealed
bySiteGround.com
 
PDF
8 Simple Ways to Hack Your Joomla
bySiteGround.com
 
PPT
Joomla Security
byRuth Cheesley
 
ODP
Joomladay Netherlands - Security
byWilco Jansen
 
PPT
Joomladay Switzerland - security
byWilco Jansen
 
PPTX
Joomla spécialiste
byRomain Caisse
 
PPTX
Brendon Hatcher Joomla Security
byJoomla Day South Africa
 
PDF
OWASP Thailand 2016 - Joomla Security
byAkarawuth Tamrareang
 
PPTX
Keeping Your Joomla! Site Secure
byjoomladayhouston
 
PPT
Avoid Getting Hacked! Presentation on Joomla! Web Security
byDorothy Firsching (Ursa Major Consulting)
 
PDF
8 Most Popular Joomla Hacks & How To Avoid Them
bySiteGround.com
 
PDF
8 Most Common Joomla! Hacks and How to Avoid Them
byDaniel Kanchev
 
PDF
Hidden Secrets For A Hack-Proof Joomla! Site
byDaniel Kanchev
 
PPTX
Joomla! security jday2015
byShaiffulnizam Mohamad
 
PDF
Joomla! security jday2015
bykriptonium
 
KEY
Joomla! Day Poland 2012 - Active Security for Joomla! sites
byNicholas Dionysopoulos
 
PDF
Joomla! security
byYireo
 
PDF
Joomla Security Basics presented by Jeff Mendelson
byJeff Mendelson
 
Joomla Security v3.0
byAjay Lulia
 
Securing Your Joomla website
byMike Carson
 
Secrets to a Hack-Proof Joomla Revealed
bySiteGround.com
 
8 Simple Ways to Hack Your Joomla
bySiteGround.com
 
Joomla Security
byRuth Cheesley
 
Joomladay Netherlands - Security
byWilco Jansen
 
Joomladay Switzerland - security
byWilco Jansen
 
Joomla spécialiste
byRomain Caisse
 
Brendon Hatcher Joomla Security
byJoomla Day South Africa
 
OWASP Thailand 2016 - Joomla Security
byAkarawuth Tamrareang
 
Keeping Your Joomla! Site Secure
byjoomladayhouston
 
Avoid Getting Hacked! Presentation on Joomla! Web Security
byDorothy Firsching (Ursa Major Consulting)
 
8 Most Popular Joomla Hacks & How To Avoid Them
bySiteGround.com
 
8 Most Common Joomla! Hacks and How to Avoid Them
byDaniel Kanchev
 
Hidden Secrets For A Hack-Proof Joomla! Site
byDaniel Kanchev
 
Joomla! security jday2015
byShaiffulnizam Mohamad
 
Joomla! security jday2015
bykriptonium
 
Joomla! Day Poland 2012 - Active Security for Joomla! sites
byNicholas Dionysopoulos
 
Joomla! security
byYireo
 
Joomla Security Basics presented by Jeff Mendelson
byJeff Mendelson
 

More from Ruth Cheesley

ODP
Automating your marketing workflows in Joomla with Mautic
byRuth Cheesley
 
PDF
Chalk and cheese - how developers and designers can work together and not cru...
byRuth Cheesley
 
PDF
Time to stop breaking your promises - dealing with 404's, broken URLs and pla...
byRuth Cheesley
 
ODP
Ruth Cheesley - Joomla! World Conference 2013 - Is your business intelligent?
byRuth Cheesley
 
PDF
Discovering Joomla! - Find out about Joomla's features
byRuth Cheesley
 
ODP
Ruth Cheesley - Joomla!Day UK - Articles are boring, long live the CCK!
byRuth Cheesley
 
PDF
Fight for the Pixel - Innovation Martlesham - Ruth Cheesley
byRuth Cheesley
 
ODP
Ruth Cheesley - Joomla!Day UK - Giving back to Joomla!
byRuth Cheesley
 
PDF
Data first web development
byRuth Cheesley
 
PPTX
Custom Fields in Joomla - JoomlaDay UK 2016 - Marco Dings
byRuth Cheesley
 
PDF
Ruth Cheesley - Joomla World Conference 2014 - How to prove you're worth a mi...
byRuth Cheesley
 
PDF
Conflict as an opportunity for growth in Open Source communities - European C...
byRuth Cheesley
 
ODP
Ruth Cheesley - Joomla!Day UK - Joomla in your area
byRuth Cheesley
 
ODP
Suffolk Internet Marketing & SEO/M Specialists - Ruth Cheesley - Don't get in...
byRuth Cheesley
 
PDF
Open source meets marketing - Presentation - OpenFest 2019
byRuth Cheesley
 
ODP
The world needs Open Source - Ruth Cheesley - NorDevCon 2014
byRuth Cheesley
 
ODP
Women in Open Source - Ruth Cheesley - CMS Africa 2014
byRuth Cheesley
 
ODP
Ruth Cheesley - Joomla! World Conference 2013 - What are you trying to say (a...
byRuth Cheesley
 
PDF
Integrated Marketing Strategies with Mautic
byRuth Cheesley
 
ODP
A gaze into the crystal ball of Google - social, local and predictive search
byRuth Cheesley
 
Automating your marketing workflows in Joomla with Mautic
byRuth Cheesley
 
Chalk and cheese - how developers and designers can work together and not cru...
byRuth Cheesley
 
Time to stop breaking your promises - dealing with 404's, broken URLs and pla...
byRuth Cheesley
 
Ruth Cheesley - Joomla! World Conference 2013 - Is your business intelligent?
byRuth Cheesley
 
Discovering Joomla! - Find out about Joomla's features
byRuth Cheesley
 
Ruth Cheesley - Joomla!Day UK - Articles are boring, long live the CCK!
byRuth Cheesley
 
Fight for the Pixel - Innovation Martlesham - Ruth Cheesley
byRuth Cheesley
 
Ruth Cheesley - Joomla!Day UK - Giving back to Joomla!
byRuth Cheesley
 
Data first web development
byRuth Cheesley
 
Custom Fields in Joomla - JoomlaDay UK 2016 - Marco Dings
byRuth Cheesley
 
Ruth Cheesley - Joomla World Conference 2014 - How to prove you're worth a mi...
byRuth Cheesley
 
Conflict as an opportunity for growth in Open Source communities - European C...
byRuth Cheesley
 
Ruth Cheesley - Joomla!Day UK - Joomla in your area
byRuth Cheesley
 
Suffolk Internet Marketing & SEO/M Specialists - Ruth Cheesley - Don't get in...
byRuth Cheesley
 
Open source meets marketing - Presentation - OpenFest 2019
byRuth Cheesley
 
The world needs Open Source - Ruth Cheesley - NorDevCon 2014
byRuth Cheesley
 
Women in Open Source - Ruth Cheesley - CMS Africa 2014
byRuth Cheesley
 
Ruth Cheesley - Joomla! World Conference 2013 - What are you trying to say (a...
byRuth Cheesley
 
Integrated Marketing Strategies with Mautic
byRuth Cheesley
 
A gaze into the crystal ball of Google - social, local and predictive search
byRuth Cheesley
 

Recently uploaded

PDF
Build Agentic AI Applications with Oracle AI Database Private Agent Factory -...
bySandesh Rao
 
PDF
Airtable Building Semantic Search with Milvus
byZilliz
 
PDF
AWS Community Day Indonesia 2025 - Attack the Cloud Before Attackers Do Build...
byMuhammad Yuga Nugraha
 
PPTX
Session 6 Specialized AI Associate Series: The GenAI Experience in UiPath Doc...
byDianaGray10
 
PDF
Top Features of Effective Executive BI Dashboards for Business Success.pdf
bybullseye enagegement
 
PDF
The End of the Missed Call - How AI Recaptures Lost Leads and Secures ROI
byiovox
 
PDF
Session 3 - UiPath Coded Agents & MCP Server in Action
byDianaGray10
 
PDF
Immer vorne mit dabei sein - Roaming leicht gemacht
bypanagenda
 
PDF
SQL Server BI Modeling Designing Data for Success with SqlDBM.pdf
bySQL DBM
 
PDF
The Invisible Threads: How 'Connection' Builds the Smartest Organizations. By...
byTheta Prime Institute, Cheyenne, Wyoming, USA.
 
PDF
Top-10-Cloud-Service-Companies-in-2025-Market-Leaders-and-Innovators.pdf
byArtjoker Software Development Company
 
PPTX
Artificial Intelligence lecture slides.pptx
bymaimelabernard6
 
PDF
Poster: Generalizable Image Repair for Robust Visual Control
byIvan Ruchkin
 
PPTX
xCapture v3: Efficient, Always-On Thread Level Observability with eBPF by Tan...
byScyllaDB
 
PDF
APDCA Energy sustainability white paper.pdf
byflintglobalapac
 
PDF
Embracing Karpenter to scale, optimise and upgrade Kubernetes
byMarko Bevc
 
PDF
STurbo M.C. Surge Prevention by CCC Company
byRobertWaters35
 
PDF
Generation Data Sets - Unique, Useful... Understandable?.pdf
byPrecisely
 
DOCX
Formula 3 - MACO using general limit.docx
byMarkus Janssen
 
PDF
Transcript: Ready, set, go: Pre-fall sales trends and data-driven insights - ...
byBookNet Canada
 
Build Agentic AI Applications with Oracle AI Database Private Agent Factory -...
bySandesh Rao
 
Airtable Building Semantic Search with Milvus
byZilliz
 
AWS Community Day Indonesia 2025 - Attack the Cloud Before Attackers Do Build...
byMuhammad Yuga Nugraha
 
Session 6 Specialized AI Associate Series: The GenAI Experience in UiPath Doc...
byDianaGray10
 
Top Features of Effective Executive BI Dashboards for Business Success.pdf
bybullseye enagegement
 
The End of the Missed Call - How AI Recaptures Lost Leads and Secures ROI
byiovox
 
Session 3 - UiPath Coded Agents & MCP Server in Action
byDianaGray10
 
Immer vorne mit dabei sein - Roaming leicht gemacht
bypanagenda
 
SQL Server BI Modeling Designing Data for Success with SqlDBM.pdf
bySQL DBM
 
The Invisible Threads: How 'Connection' Builds the Smartest Organizations. By...
byTheta Prime Institute, Cheyenne, Wyoming, USA.
 
Top-10-Cloud-Service-Companies-in-2025-Market-Leaders-and-Innovators.pdf
byArtjoker Software Development Company
 
Artificial Intelligence lecture slides.pptx
bymaimelabernard6
 
Poster: Generalizable Image Repair for Robust Visual Control
byIvan Ruchkin
 
xCapture v3: Efficient, Always-On Thread Level Observability with eBPF by Tan...
byScyllaDB
 
APDCA Energy sustainability white paper.pdf
byflintglobalapac
 
Embracing Karpenter to scale, optimise and upgrade Kubernetes
byMarko Bevc
 
STurbo M.C. Surge Prevention by CCC Company
byRobertWaters35
 
Generation Data Sets - Unique, Useful... Understandable?.pdf
byPrecisely
 
Formula 3 - MACO using general limit.docx
byMarkus Janssen
 
Transcript: Ready, set, go: Pre-fall sales trends and data-driven insights - ...
byBookNet Canada
 

Joomla!Day UK 2011 - Virya Technologies - Ruth Cheesley - Joomla! Security